MGASA-2018-0441

See a problem?
Please try reporting it to the source first.
Source
https://advisories.mageia.org/MGASA-2018-0441.html
Import Source
https://advisories.mageia.org/MGASA-2018-0441.json
JSON Data
https://api.osv.dev/v1/vulns/MGASA-2018-0441
Related
Published
2018-11-11T21:09:54Z
Modified
2018-11-11T20:41:35Z
Summary
Updated audiofile packages fix security vulnerabilities
Details

A NULL pointer dereference in modules/ModuleState.cpp:ModuleState::setup() allows for denial of service via crafted file (CVE-2018-13440).

A Heap-based buffer overflow was found in Expand3To4Module::run when running sfconvert (CVE-2018-17095).

References
Credits

Affected packages

Mageia:6 / audiofile

Package

Name
audiofile
Purl
pkg:rpm/mageia/audiofile?distro=mageia-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.3.6-8.1.mga6

Ecosystem specific 

{
    "section": "core"
}